• DocumentCode
    3055054
  • Title

    An Architectural Approach to Preventing Code Injection Attacks

  • Author

    Riley, Ryan ; Jiang, Xuxian ; Xu, Dongyan

  • Author_Institution
    Purdue Univ., West Lafayette
  • fYear
    2007
  • fDate
    25-28 June 2007
  • Firstpage
    30
  • Lastpage
    40
  • Abstract
    Code injection attacks, despite being well researched, continue to be a problem today. Modern architectural solutions such as the NX-bit and PaX have been useful in limiting the attacks, however they enforce program layout restrictions and can often times still be circumvented by a determined attacker. We propose a change to the memory architecture of modern processors that addresses the code injection problem at its very root by virtually splitting memory into code memory and data memory such that a processor will never be able to fetch injected code for execution. This virtual split memory system can be implemented as a software only patch to an operating system, and can be used to supplement existing schemes for improved protection. Our experimental results show the system is effective in preventing a wide range of code injection attacks while incurring acceptable overhead.
  • Keywords
    memory architecture; security of data; code injection attacks; code injection problem; data memory; memory architecture; modern processors; program layout restrictions; virtual split memory system; Arm; Computer architecture; Gain control; Memory architecture; Operating systems; Protection; Software performance; Code Injection; Secure Memory Architecture;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Dependable Systems and Networks, 2007. DSN '07. 37th Annual IEEE/IFIP International Conference on
  • Conference_Location
    Edinburgh
  • Print_ISBN
    0-7695-2855-4
  • Type

    conf

  • DOI
    10.1109/DSN.2007.13
  • Filename
    4272953
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=3055054